Nmap ("Network Mapper") is an open source tool for network exploration and security auditing.
Questions tagged [nmap]
279 questions
65
votes
3 answers
What is the recommended way to get nmap on OSX?
Can I just use apt-get, or should I use some Mac tool?
Jim
- 651
32
votes
5 answers
Why would ping succeed but nmap fail?
Why does Nmap report "Host seems down" when a simple ping succeeds?
me@computer:~$ ping 123.45.67.89
PING 123.45.67.89 (123.45.67.89) 56(84) bytes of data.
64 bytes from 123.45.67.89: icmp_req=1 ttl=45 time=91.1 ms
64 bytes from 123.45.67.89:…
AShelly
- 489
22
votes
1 answer
Why is "nc -l xxxx" not opening a port?
I'm trying to get netcat to listen on port 4444, but it doesn't seem to be working. I am checking to see if the port is open using nmap, but it doesn't pick it up and I can't figure out why. I have tried various ports with no joy.
Here is a copy of…
Grezzo
- 982
15
votes
4 answers
nmap says 0 hosts up even though I can ping
I'm running Metasploit from Win 7 x64, and I've set up my Metasploitable 2 virtual machine on VMware Player. I can ping Metasploitable's IP address from the Metasploit console, however if I use nmap it says:
Note: Host seems down. If it is really…
Pickle
- 293
14
votes
2 answers
Couldn't open a raw socket. Error: Permission denied (13)
I am trying to get familiar with hacking and networking by doing HackTheBox challenges. At starting point Oopsie I am supposed to use command nmap -sS -A 10.10.10.28. However, after running it in Ubuntu 20.04 I got following error: Starting Nmap…
Marek Mudron
- 143
13
votes
1 answer
How to show closed ports in NMap?
Any way to make NMap list the closed ports (I've tried -vvvv, etc.)? The filtered ones?
bcc32
- 243
12
votes
3 answers
different behavior: "sudo nmap" vs just "nmap"?
I'm attempting to do a simple port scan with nmap:
$ nmap 192.168.56.101
Starting Nmap 6.47 ( http://nmap.org ) at 2015-03-10 19:30 IST
Nmap scan report for 192.168.56.101
Host is up (0.0048s latency).
Not shown: 998 closed ports
PORT STATE…
thedp
- 445
12
votes
1 answer
How to easily determine, which outbound ports aren't blocked by firewall
I'm behind fairly restrictive firewall regarding ports, that can be used for connecting outside. I'm also running service on my remote box, and I want to connect to it.
Problem is, that I'm unable to find out which ports I can access, so I don't…
nothrow
- 255
12
votes
4 answers
Find computer names on a private network (with nmap?)
On a LAN, I want to find out the names of all the connected computers using a cross-platform program, preferably nmap. I know I can do
nmap -sn xxx.xxx.xxx.xxx/24
(where xxx.xxx.xxx.xxx is a local IP address) to find hosts which are up, but how do…
bsamek
- 959
12
votes
3 answers
find an IP address by MAC address on LAN
I would like to look up a MAC address on my ethernet and find the IP of that machine. What command should I issue using which app?
edit: i've tried: fping -g 195.88.88.0/24 | arp -a | grep 4C:12:10:11:35:B4 but that does not work (i checked with my…
sterz
- 784
11
votes
2 answers
How does NMap decide to print a progress line?
Checking a larger subnet than I normally do; mapping out a cluster suite in a university for a traffic mapping project (permission attained), and I was wondering something.
NMap usually prints its progress periodically, but I'm unclear to what that…
Andrew Bolster
- 1,458
10
votes
2 answers
How to get device name from scan like nmap on Linux
I know that I can use a tool like NMAP or arp-scan on Linux to identify the IP and MAC addresses of all devices on my local network. I also know that arp-scan will do a MAC address lookup to get the device manufacturer. But is there any set of…
Marc
- 213
- 1
- 2
- 6
10
votes
1 answer
How does nmap calculate the difficulty of TCP sequence prediction?
I am learning how nmap operates by testing it with another workstation in my network. When I entered
nmap -v -A -sS 192.xxx.xxx.xxx
Part of the output produced the line below.
TCP Sequence Prediction: Difficulty=260 (Good luck!)
How is 260…
tray
- 145
10
votes
2 answers
Why is this NMAP scan to a remote host showing me no ports open when the ports REALLY are open?
telnet 99.99.99.99 33491
Trying 99.99.99.99...
Connected to 99.99.99.99..
Escape character is '^]'
^]
telnet> close
Connection closed.
As you can see, the above telnet command shows port 33491 is open.
Running NMAP with -PN on that same IP and port…
Tom G11
- 405
- 3
- 9
- 17
10
votes
3 answers
nmap: easily Ping-Scan all addresses in my subnet
Is there an nmap line that will auto-detect my current IP address and subnet mask, and run a ping-scan on all? For example:
#> nmap -sP 0.0.0.0
Instead of manually:
#> nmap -sP 192.168.100.0/24
Felipe Alvarez
- 2,154